Fwd: [CIVN-2020-0279] Remote Code Execution Vulnerability in Windows Remote Desktop Client

4 years ago 326

BOOK THIS SPACE FOR AD

ARTICLE AD

Remote Code Execution Vulnerability in Windows Remote Desktop Client

Severity Rating: High

Software Affected:

Windows 10 for 32-bit & x64-based Systems

Windows 10 Version 1607 for 32-bit & x64-based Systems

Windows 10 Version 1709 for 32-bit,x64-based & ARM64-based Systems

Windows 10 Version 1803 for 32-bit,x64-based & ARM64-based Systems

Windows 10 Version 1809 for 32-bit,x64-based & ARM64-based Systems

Windows 10 Version 1903 for 32-bit,x64-based & ARM64-based Systems

Windows 10 Version 1909 for 32-bit,x64-based & ARM64-based Systems

Windows 10 Version 2004 for 32-bit,x64-based & ARM64-based Systems

Windows 7 for 32-bit Systems Service Pack 1

Windows 7 for x64-based Systems Service Pack 1

Windows 8.1 for 32-bit systems

Windows 8.1 for x64-based systems

Windows RT 8.1

Windows Server 2008 R2 for x64-based Systems SP1 & Server Core installation

Windows Server 2012 & Server Core installation

Windows Server 2012 R2 & Server Core installation

Windows Server 2016 & Server Core installation

Windows Server 2019 & Server Core installation

Windows Server, version 1903 (Server Core installation)

Windows Server, version 1909 (Server Core installation)

Windows Server, version 2004 (Server Core installation)

Overview:

A remote code execution vulnerability has been reported in Microsoft

Windows Remote Desktop Client which could allow an attacker to execute

arbitrary code on the targeted system.

Description

This vulnerability exists in Windows Remote Desktop Client due to improper

handling the connection requests by the affected Windows Remote Desktop

Client. A remote attacker could exploit this vulnerability by compromising

a legitimate server, hosting malicious code on it, and convincing the user

to connect to the malicious server.

Successful exploitation of this vulnerability could execute arbitrary code

on the targeted system.

Solution

Apply appropriate patches as mentioned in Microsoft Security Bulletin:

Vendor Information

Microsoft

References:

Microsoft

- -1374

CVE Name

CVE-2020-1374

Read Entire Article

LEFT SIDEBAR AD

Fwd: [CIVN-2020-0279] Remote Code Execution Vulnerability in Windows Remote Desktop Client

BOOK THIS SPACE FOR AD

Related

Fwd: [CIVN-2020-0294] Microsoft Office Elevation of Privilege Vulnerability

Fwd: Virus Alert : CLOP Ransomware

Fwd: [CIVN-2020-0295] Remote code execution vulnerability in IBM WebSphere Application Server

Fwd: Virus Alert : Conti Ransomware

Fwd: [CIVN-2020-0293] LNK Remote Code Execution Vulnerability

Fwd: [CIAD-2020-0049] Multiple Vulnerabilities in Apple iOS and iPadOS

Trending

Popular

1-click RCE in Electron Applications

Install waybackurls on Kali Linux

Microsoft Office Professional Plus 2019 (x64 & x86) Multilingual + Pre-Activated

Over 40 Apps With More Than 100 Million Installs Found Leaking AWS Keys

Install DalFox on Kali Linux

Adobe Master Collection CC 2022 v25.08.2022 (x64) Multilingual Pre-Activated

Autodesk Revit 2023 R1 Build 23.0.11.19 (x64) Multilingual + Crack

Maxon CINEMA 4D Studio S22.123 (x64) Multilingual + Crack

‘We are not motivated by profits’ – Open Bug Bounty maintainers on finding a niche in the crowdsourced AppSec market

Just Gopher It: Escalating a Blind SSRF to RCE for $15k

BOOK THIS SPACE FOR AD